remote cyrus exploits?
David Carter
dpc22 at cam.ac.uk
Tue Nov 23 05:54:10 EST 2004
On Tue, 23 Nov 2004, Derrick J Brashear wrote:
> The relevant portions of the patch between 2.2.8 and 2.2.9 can be
> applied (most likely by hand) to 2.1.x.
Here's the (trivial) subset of patches which are relevant to 2.1.16:
http://www-uxsup.csx.cam.ac.uk/~dpc22/cyrus/patches/2.1.16/peek.patch
2.1.16 doesn't implement the BINARY extension.
The MULTIAPPEND implementation is much simpler in 2.1.16. It just reads
and appends one message at a time rather than reading all the messages
into the "stage." directory and then doing the actual append at the end. I
infer that the new code in 2.2.x is there to provide better error recovery
in the case of bad input after a number of appends have been committed.
--
David Carter Email: David.Carter at ucs.cam.ac.uk
University Computing Service, Phone: (01223) 334502
New Museums Site, Pembroke Street, Fax: (01223) 334679
Cambridge UK. CB2 3QH.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list